| MBeat33 | |
| Oct 5 2021, 7:21 PM |
| F35562141: Screen Shot 2022-10-10 at 11.51.08 PM.png | |
| Oct 11 2022, 6:53 AM |
| F34673312: ZD1000719.png | |
| Oct 5 2021, 7:21 PM |
Amber spotted ZD #1000719 who got these iframe error messages in the form:
when trying to donate via:
I am unable to replicate this, but it's odd-enough looking that I thought worth Phabifying. There is nothing recent at the Adyen console for this donor, who is in Civi from past contrib at cid=6887882.
Fr-Tech, please let me know if there's anything we can ask affected donors beyond the usual browser / OS / add-ons details.
The donor also had visibility into these messages:
"desc": "There is an error message in the SecuredField. The SecuredField cannot be typed into even if the error message is removed (display: 'none')",
"reason": "There is something wrong with the clientKey.",
"reasonFull": "Check that it is created against the right endpoint (\"test\" | \"live\") and that the \"List of allowed origins\" contains the domain of your website."
"desc": "There is a warning that sits below the SecuredField - and the SecuredField can be typed into",
"reason": "The Component has been rendered multiple times into the same HTML container",
"reasonFull": "The Component has been rendered in a loop; or, React has made multiple render passes; or, the Component initialisation code has been accidentally duplicated"
"desc": "You are seeing this warning but the SecuredField is working as expected. (Perhaps the SecuredField briefly showed an error message?)",
"reason": "The SecuredField took longer than expected to configure",
"reasonFull": "Please ignore this warning. Sorry for the inconvenience!"
"like a weird timeout kind of condition on Adyen's end." thank you @XenoRyet, we will keep an eye out for any more of these, or if anyone can replicate we will update this Task. Hopefully it is a one-off.
@dkozlowski. Please let me know if this should be raised to Adyen or if on our side. Thanks
Here are the consolidated examples so far, with added feedback from donors.
| ticket | date | tech specs | extra comments re add-ons + URL used |
| 1188242 | 10/10/2022 | uses Privacy Badger, which reported that checkoutshopper-live.adyen.com was prevented from setting cookies, being listed as a "potential tracker" | |
| 1182162 | 10/03/2022 | not yet | not yet |
| 1179919 | 9/27/2022 | Windows 10, OS build 19044.2006, Microsoft Edge Version 105.0.1343.53 | fundraising email1, Extensions = LastPass, IBM Security Rapport |
| 1179410 | 9/25/2022 | Recent PC Debian GNU/Linux 11 (Bullseye) & Firefox 105.0.1 | “I run a personal web server with pages that hold all my bookmarks. For privacy reasons I spoof the referrer header. This referrer spoofing was breaking your donation mechanism. Please consider a donation mechanism that does not depend on the referrer header. It's relatively trivial but one small additional barrier to donating.” >>donor was successful after this >> extra details from donor: add-on 'HTTPS everywhere' installed, no other plugins/addons, Apache HTTP2 web server (2.4.54) listening on localhost:8888 http://localhost:8888 serving plain html (my bookmarks), network.http.referer.spoofSource=true |
| 1178951 | 9/24/2022 | Windows 10 pro | payments.wiki via Adyen |
| 1178911 | 9/24/2022 | n/a | n/a |
| 1176708 | 9/22/2022 | Chrome + Windows 10 | payments.wiki via Adyen |
| 1174715 | 9/20/2022 | DELL Inspiron 3793 laptop Firefox v.104.0.2 + Google Chrome v.105.0.5195.127 | “I do use several extensions including "uBlock Origin" and "uMatrix" but both were configured to permit the wikimedia.org domain. I tried both a link from an email as well as a link from a "Donate" button on the Wikimedia home page” |
| 1174321 | 9/20/2022 | desktop computer, Edge browser | “I have an ad blocker that came with my antivirus program, and the web address/url came from a link in the email you sent me” |
| 1171882 | 9/15/2022 | Chrome. Acer Desktop Computer, Windows 11 | No browser add-ons. It was a Link in the email you sent me. |
| 1170431 | 9/14/2022 | iOS 15.6.1 Safari | “I get “Safari protected you from . . . . .” messages” |
| 1164346 | 9/1/2022 | n/a | n/a |
| 1150231 | 8/11/2022 | Browser: Firefox LinuxMint | “...with some extensions to preserve privacy, but disabled” |
| 1000719 | 10/05/2021 | Firefox 78.13.0esr (64-bit) | “...with some slightly conservative settings such as not allowing third-party cookies…and some extensions such as Pricacy Badger, from the EFF, or uBlock Origin. Using the same version of Firefox, but with an "out-of-the-box" profile, without the slightest customization, I was able to make a donation” |
Fr-Tech: Would asking those donors who use add-ons to make an exception for *.adyenpayments.com be worthwhile in these cases (assuming it's maybe not intermittent timeouts at Adyen)? It does seem like this is becoming more common, so we'd love to figure out how to enable these donors.
Some feedback from Adyen help desk:
Hi,
Thank you for reaching out to Adyen! Typically when you are receiving the The iframe has not configured error, it is related to an incorrect key for your client-side authentication. Depending on your integration, this can either be the client key or the origin key. You can generate these keys in the Customer Area by navigating to Developers > API Credentials, where you can select the web service user for which you want to generate the key.
For example, if you are authenticating using a client key, please check the following:
Are you using the correct client key in your integration?
Are all the domains on which the card input fields are loaded added to the “Allowed Origins” field, as explained in our documentation? (this is the most common issue)
Are you using the client key in the correct environment (test/live)?
If you are still experiencing issues once you have looked over these points and have inspected your implementation, it may be helpful to provide a video or screenshot of the Drop-in being rendered with the console window window open to allow us a more holistic view of the behavior.
Looking forward to your response.
Best,
Matthew Helmstetter
Technical Support Engineer
New response from adyen when we confirmed that our key is legit and this situation is not happen to 99% or users included us:
Matthew Helmstetter (Adyen)
Oct 6, 2022, 20:08 GMT+2
If you are unable to recreate it then it is extremely difficult to figure out what is going on because we would need to see the console error to be able to pinpoint where the error is coming from. I would recommend that if this ever happens then try and capture the console log and from there we should be able to assist in resolving the issue.
I am able to reproduce this error with the uMatrix extension,
Change 840577 had a related patch set uploaded (by Wfan; author: Wfan):
[mediawiki/extensions/DonationInterface@master] Add try catch for adyen to catch if any adyen connection been blocked
Change 840577 merged by jenkins-bot:
[mediawiki/extensions/DonationInterface@master] Add try catch for adyen to catch if any adyen connection been blocked
Change 842557 had a related patch set uploaded (by Ejegg; author: Ejegg):
[mediawiki/extensions/DonationInterface@master] Don't show general error on incomplete fields
Moved this back to backlog because it seems another patch is needed. From an e-mail by @Ejegg on 2022-10-13:
[the patch] actually shows the general error message above the form for some trivial validation issues that should just get an error message below the relevant field (e.g. leave card fields blank and press donate). [...] there are other scenarios it's still showing the error for (enter an expiration date that's too old and press donate).
Change 842557 merged by jenkins-bot:
[mediawiki/extensions/DonationInterface@master] Adyen: Don't show general error on validation fail